US8112785B1 - Systems and methods for administering policies for physical locations - Google Patents
Systems and methods for administering policies for physical locations Download PDFInfo
- Publication number
- US8112785B1 US8112785B1 US11/967,975 US96797507A US8112785B1 US 8112785 B1 US8112785 B1 US 8112785B1 US 96797507 A US96797507 A US 96797507A US 8112785 B1 US8112785 B1 US 8112785B1
- Authority
- US
- United States
- Prior art keywords
- mobile
- computing
- physical location
- policy
- location
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active, expires
Links
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
- G06F21/34—User authentication involving the use of external additional devices, e.g. dongles or smart cards
- G06F21/35—User authentication involving the use of external additional devices, e.g. dongles or smart cards communicating wirelessly
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/10—Network architectures or network communication protocols for network security for controlling access to devices or network resources
- H04L63/107—Network architectures or network communication protocols for network security for controlling access to devices or network resources wherein the security policies are location-dependent, e.g. entities privileges depend on current location or allowing specific operations only from locally connected terminals
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/30—Security of mobile devices; Security of mobile applications
- H04W12/37—Managing security policies for mobile devices or for controlling mobile applications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/21—Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/2111—Location-sensitive, e.g. geographical location, GPS
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/20—Network architectures or network communication protocols for network security for managing network security; network security policies in general
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/60—Context-dependent security
- H04W12/63—Location-dependent; Proximity-dependent
Definitions
- Policy definition may refer to the tools or techniques that allow administrators to define how a network device may be controlled.
- policy enforcement may refer to the tools or techniques that enforce policy definitions. The automated nature of policy enforcement may reduce the time and effort an administrator spends monitoring a network or network device.
- Administrators may implement traditional policy management through fixed-policy enforcement.
- a network administrator may define a set of fixed policies for a network device. The set of fixed policies does not change, regardless of the location or status of the network device, unless the network administrator makes the policy change. While fixed-policy enforcement may be somewhat effective for a small network with a small number of non-portable network devices, fixed-policy enforcement may not be particularly useful to administrators managing portable network devices.
- NLA Network Location Awareness
- NLA may change policy definitions for a device when the device changes networks.
- NLA may involve technology that allows a device to detect a network, receive a set of policy definitions for that network, then enforce the policies on the device.
- a laptop with NLA may include one set of policy definitions that corresponds to a home network and another set of definitions that corresponds to a work network.
- NLA may provide some flexibility over fixed policy in managing portable-computing network devices, but growth and expansion in network environments and use of portable devices may present challenges that neither fixed policy or NLA may address.
- NLA and other traditional network-policy management techniques may have limited capabilities in traditional networks and may be even less effective in attempts to control mobile-computing devices within certain physical locations.
- NLA may be ineffective where a mobile-computing device may be in multiple physical locations but still connected to a single network (e.g., a municipal or 3G network).
- location owners and managers may need more effective tools to control network devices within their locations.
- Embodiments of the instant disclosure may address various disadvantages and problems with prior network device administration and may also provide various other advantages and features. For example, some embodiments may verify that a source is authorized to provide mobile-computing-device policies for a physical location. In at least one embodiment, verifying that a source is authorized to provide mobile-computing device policies for a physical location may comprise accessing a database to verify that the source is authorized to provide a first policy for the first physical location. In other embodiments, verifying that a source is authorized to provide mobile-computing device policies for a physical location may comprise receiving a confirmation that the source is authorized to provide the first policy for the first physical location.
- Certain embodiments may provide third-party verification that a source is authorized to create and modify mobile-computing device policies for a physical location. Such verification may allow for sources (e.g., administrators) to control mobile device policies for their locations by access to a central control server through an internet interface.
- sources e.g., administrators
- a computer-implemented method may comprise receiving verification that a source is authorized to provide mobile-computing-device policy for a first physical location.
- the method may also comprise receiving a first mobile-computing-device policy, identifying the first physical location, and associating the first mobile-computing-device policy with the first physical location.
- the method may further comprise implementing, based on the verification, the first mobile-computing-device policy at the first physical location.
- the source may be a location-policy administrator, and the location-policy administrator may be authorized to provide the first policy for the location.
- receiving the first mobile-computing-device policy comprises identifying that the first mobile-computing-device policy is received from the location-policy administrator.
- Embodiments of the instant disclosure provide various methods, systems, and computer-readable media for allowing a source to manage mobile-device settings for a physical location. Some embodiments may provide improved mobile device management and control capabilities for location owners. Various embodiments may verify that the administrator is authorized to provide mobile-computing device policy for a physical location. Various embodiments may combine some or all of these features and/or may provide alternative or additional features.
- FIG. 1 is a block diagram of a system configured to receive verification from a source according to at least one embodiment.
- FIG. 2 is a flow diagram of a computer-implemented method capable of receiving verification that a source is authorized to provide mobile-computing-device policy according to certain embodiments.
- FIG. 3 is a flow diagram of a computer-implemented method for receiving verification that a source is authorized to provide mobile-computing-device policy for physical locations according to certain embodiments.
- FIG. 4 is a flow diagram of a computer-implemented method for receiving multiple policies and identifying multiple locations according to at least one embodiment.
- FIG. 5 is a flow diagram of a computer-implemented method for receiving and implementing policies for multiple sub-regions according to an additional embodiment.
- FIG. 6 is a block diagram of a physical location with multiple boundaries according to an additional embodiment.
- FIG. 7 is a block diagram of a physical location with multiple sub-regions according to an additional embodiment.
- FIG. 8 is a flow diagram of an exemplary computer-implemented method for implementing mobile-computing-device policies according to an additional embodiment.
- FIG. 9 is a block diagram of an exemplary computing system capable of implementing one or more of the embodiments described and/or illustrated herein.
- FIG. 10 is a block diagram of an exemplary computing network capable of implementing one or more of the embodiments described and/or illustrated herein.
- the following description discusses methods and systems for receiving verification that a source is authorized to provide mobile-computing-device policies for a physical location, and the following examples and figures may enable and describe these methods in a non-limiting and exemplary manner. Location owners may need more efficient and effective technologies to regulate the usage of mobile-computing devices that enter their properties, and the instant disclosure provides the following examples and figures as ways to meet and overcome such challenges.
- Prior technologies may provide individual device owners with some degree of device control, but concerns beyond individual device management may require technologies capable of regulating device usage at a location level. While some current tools and technologies may attempt to give location owners some degree of control, it may be difficult to define policies for mobile-computing-device usage without applying a method for verifying that a source (e.g., a location owner) of the location is authorized to provide policies. Also, there may be a need for more intuitive and effective ways to allow sources to define usage policies. For example, internet-based interfaces may provide an intuitive and effective method for receiving policies and location identifiers.
- Defining geographical areas to implement policies for mobile-computing devices may pose another challenge to current technologies.
- Methods that allow for creative and intuitive identifying of geographical areas in which to implement a policy may save time and money. For example, a location owner may manage a building in close proximity to other buildings. Such proximity may require technologies that can define policy areas with more accuracy and specificity.
- FIG. 1 is an illustration of exemplary system 100 capable of receiving verification from a source and implementing mobile-computing-device policy based on that verification.
- a library may utilize a server-based system similar to exemplary system 100 in order to better regulate mobile-computing-device policy on library premises.
- the system may include verifying that the library administrator is authorized to provide mobile-computing device policy for the library.
- an independent party may verify that the library administrator is in charge of policy and authorized to provide policy for the library.
- Exemplary system 100 may include a computing device 102 .
- Computing device 102 may include policy module 104 , location module 106 , policy-location-information database 108 , implementation module 110 , and verification mechanism 112 .
- Computing device 102 may comprise computer code operable to perform various embodiments of the instant disclosure.
- Policy module 104 may be configured to receive a first mobile-computing-device policy, and location module 106 may be configured to identify a first physical location. Policy module 104 may receive a single policy or multiple policies and store the policies in policy-location-information database 108 . Likewise, location module 106 may identify a single or multiple physical locations and store the locations in policy-location-information database 108 . Policy-location-information database 108 may also store other data regarding the first mobile-computing-device policy, the first physical location, and/or the associations between the policy and location, as will be discussed in FIG. 2 .
- Implementation module 110 may be configured to enforce, based on the verification, the first mobile-computing-device policy at the first physical location.
- implementation module 110 may be located on a mobile-computing device.
- implementation module 110 may be served-based software, or may be part of the server and/or the mobile-computing device.
- the mobile computing device may include, without limitation, a laptop, a mobile phone, or a personal digital assistant.
- Verification mechanism 112 may be configured to verify authorization of a source.
- verification mechanism 112 may be responsible for verifying a person who claims to have authority to administer policy at a school is actually authorized to do so.
- verification mechanism 112 may include elements separate from computing device 102 .
- verification mechanism 112 may include software that tells a device to send a letter to the physical address of a first physical location. Verification mechanism 112 may also send the letter itself or cause the letter to be sent.
- FIG. 2 illustrates a method 200 for receiving verification that a source is authorized to provide mobile-computing-device policy for a first physical location and then implementing, based on that verification, the first mobile-computing device policy with the first physical location.
- Method 200 may be implemented using a system similar to exemplary system 100 . Each step in the method may be performed by a computing device such as computing device 102 , and the steps of method 200 may occur in a different order than illustrated in FIG. 2 .
- the verification mechanism may receive verification that a source is authorized to provide mobile-computing-device policy for a first physical location.
- Receiving verification may comprise receiving verification that a source is authorized.
- Receiving verification may also include verifying that the source is authorized.
- the verification mechanism may verify the source is authorized by contacting the owner of a hospital and verifying that the hospital owner is authorized to provide mobile-computing device policy for the hospital.
- the process of verifying that a source is authorized may be performed separate from the verification mechanism, and the verification mechanism may simply receive the verification.
- the verification mechanism may access a database to verify that the source is authorized to provide policies for the physical location.
- a third party may verify that that hospital owner is authorized to provide policy for a hospital and store that information in a database. The verification mechanism may then access and search the database to verify that the hospital owner may provide policy for the hospital.
- mobile-computing-device policy may refer generally to the overall mobile-computing-device policy of the first physical location, which may include multiple policies. In some embodiments, the phrase may refer to the area in which the policies may be implemented. For example, the hospital owner may be authorized to provide the physical location of the hospital as well as the policies that should be enforced within that physical location. In some embodiments, the hospital owner may do nothing more than define the physical locations for a mobile-computing-device policy to be implemented.
- a computing device may receive a first mobile-computing-device policy.
- the first-mobile-computing-device policy may be setting policies or usage policies. Examples of policies may include, but are not limited to, a ringer setting, a lighting setting, an incoming call setting, an outgoing call setting, a power setting, an email setting, a voicemail setting, a sound setting, a network setting, a network access setting, a network usage setting, a camera setting, a global positioning system setting, a messaging setting, a bluetooth setting, an infrared data association setting, an installed application setting, a built-in application setting, and/or a communication setting.
- the first mobile-computing-device policy may contain at least one of the above examples.
- the policy may be received from the source through an internet-based interface.
- the hospital owner may access, via the internet, a server similar to computing device 102 .
- Policy module 104 may be server-based software configured to provide the hospital owner with a graphical user interface for inputting the policy.
- the hospital owner may select the policy from a set of pre-defined policies. Policy module 104 may then store the policy in a database similar to policy-location-information database 108 along with any other relevant information or data concerning the policy.
- a computing device such as computing device 102 in FIG. 1 may identify the first physical location.
- the physical location may generally refer to a real world location.
- the real-world physical location of the hospital may be referred to as the first physical location.
- the process of identifying may be performed in various non-limiting embodiments.
- identifying the first physical location may be receiving, from the source, geographical coordinates of the first physical location.
- indentifying the first physical location may include receiving, from the source, boundaries of the first physical location.
- indentifying the first physical location may include receiving, from the source, an address of the first physical location.
- the identification of the first physical location may be stored in a database similar to policy-location-information database 108 .
- geographical coordinates identifying the boundaries of the hospital may be stored in a database along with policy information.
- a computing device similar to computing device 102 in FIG. 1 may associate the first mobile-computing-device policy with the first physical location and may store these associations in a database similar to policy-location-information database 108 .
- a computing device similar to computing device 102 of FIG. 1 may implement, based on the verification (step 210 ), the first mobile-computing-device policy at the first physical location. Methods and systems for implementing mobile-computing-device policy are described with greater detail in connection to FIG. 8 .
- the source may be a location-policy administrator authorized to provide the first policy for the first location.
- location-policy administrators may include, but are not limited to, owners of restaurants, principals of schools, owners of hospitals, administrators or owners of churches, airport administrators, theater owners, or any other person or group authorized to provide policy for their respective locations.
- receiving the first mobile-computing-device policy may include identifying that the first mobile-computing-device policy is received from the location-policy administrator.
- the principal of a school may be required to provide a login username and password to access an internet-based interface capable of receiving a policy for the location.
- FIGS. 1 and 2 The following discussion provides an example of how the principles of FIGS. 1 and 2 may be implement.
- a principal of a school may desire to regulate the use of mobile-computing devices on school grounds.
- the principal may wish to provide a policy that turns the ringer setting of cell phones off.
- a computing device similar to computing device 102 in FIG. 1 may verify that the principal is authorized to provide mobile-computing-device policy for the school.
- the principal in this example, may have already been verified as authorized by a third party and the verification mechanism have received this verification.
- a policy module may receive a policy from the principal defining that the ringer settings are to be turned off for all cell phones while on school premises.
- a location module may receive an address of the school from the principal. In some embodiments, the location module may be configured to receive an address and identify, based on the address, the physical location (e.g., geographical coordinates or boundaries) of the school.
- the no-ring setting for cell phones may be associated with the school boundaries and stored in a database similar to policy-location-information database 108 .
- an implementation module may enforce the mobile-computing-device policy within the boundaries of the school.
- the computing device may contain pre-defined policies for certain physical locations.
- the computing device may contain a pre-defined policy for all schools.
- the computing device may, upon discovering that the location is a school, associate the pre-defined policy with geographical coordinates that correspond to the school.
- the principal may only need to specify that the first physical location is a school, and the pre-defined policy associated with schools may be automatically applied.
- FIG. 3 illustrates an exemplary method 300 for receiving verification that a source is authorized to provide mobile-computing-device policy for a first physical location.
- Method 300 shows exemplary communications between a source 302 and a verification mechanism 304 .
- source 302 may be a client device or terminal accessible by a location owner, a location-policy administrator, or any person or source authorized to provide policies for a physical location.
- the manager of a restaurant may be a source authorized to define policies for the first physical location (e.g., the restaurant)
- verification mechanism 304 may be any mechanism configured to send notifications to a source, receive confirmations from a source, and/or verify that the source is authorized to provide mobile-computing-device policy.
- verification mechanism 304 may be software capable of identifying when verification of a source is needed and may prompt mail to be sent to the physical address.
- the mail may include a password for a policy-administrator account or other information that the source may used to confirm that the source received the mail and/or is authorized to provide policies for the physical location.
- the mail may direct the source to call a verification phone number or reply by mailing a letter to a verification administrator.
- Verification mechanism 304 may also include software capable of identifying when confirmation mail has been returned or when a source has been verified over the phone. For example, the location administrator of a school may either mail back a notification confirmation or call to verify over the phone. A verification administrator may store verification information in a database configured to allow a computing device, such as computing device 102 , retrieve verification information.
- verification mechanism 304 may send a notification to source 302 in any of methods previously discussed.
- the source may receive confirmation information contained within the notification.
- Confirmation information may be any information that is required to be returned or verified by the source in order to complete the authorization process. Confirmation may include, but is not limited to, personal identification numbers (PINs), passwords, identification information, confirmation numbers, or any other suitable information that may be returned or provided by the source in order to complete the verification process.
- PINs personal identification numbers
- passwords passwords
- identification information identification information
- confirmation numbers or any other suitable information that may be returned or provided by the source in order to complete the verification process.
- verification mechanism 304 may receive confirmation from the source.
- confirmation may be received via any suitable method including mail, email, third party verification, or telephone verification.
- the verification mechanism may store the confirmation.
- the principal of a school may want to regulate the usage of cell-phones.
- the principal may have provide policies and location information before being verified as a source authorized to provide policies for the school.
- the verification mechanism may initiate a verification process before implementing the policies for the school.
- verification mechanism 304 may poll a database (e.g., policy-location-information database 108 ) to determine whether the principal is authorized to provide policies for the school.
- the verification mechanism may send a notification to a physical address of the school, as previously discussed.
- FIG. 4 illustrates and exemplary method 400 for receiving multiple policies and identifying multiple locations.
- a system similar to exemplary system 100 may be used to implement one or more of the steps in FIG. 4 .
- a verification mechanism may receive verification that a source is authorized to provide mobile-computing-device policy for a first physical location.
- a policy module may receive a first mobile-computing device policy.
- a location module may identify the first physical location.
- a computing device similar to computing device 102 may then associate the first mobile-computing-device policy with the first physical location (step 440 ).
- the location module may receive a set of geographical coordinates that correspond to a sub-region within the first physical location. For example, the location module may receive a set of 5 coordinates that define a boundary for a school (first physical location), and then a set of 4 coordinates that define a library area (sub-region) within the school.
- the policy module may receive a second mobile-computing-device policy. For example, a principal may choose a “no-ring” setting for the first policy and a “no incoming calls” setting for the second policy.
- the computing device may associate the second mobile-computing-device policy with the sub-region.
- the implementation module may implement, based on the verification, the first mobile-computing device policy at the first physical location.
- FIG. 5 illustrates a method for receiving and implementing policies for multiple sub-regions.
- a verification mechanism may receive verification that a source is authorized to provide mobile-computing-device policies for a first physical location.
- a policy module may then receive a first mobile-computing-device policy (step 520 ).
- a location module may receive a first set of geographical coordinates that correspond to a first sub-region within the first physical location.
- the location module may receive a second set of geographical coordinates that correspond to a second sub-region within the first physical location.
- a computing device similar to computing device 102 may associate the first mobile-computing-device policy with the first sub-region, and at step 560 the computing device may associate a second mobile-computing-device with the second sub-region.
- an implementation module may implement, based on the verification, first mobile-computing-device policy at the first physical location.
- the physical locations described in methods 400 and 500 may correspond to boundaries of buildings.
- a sub-region may be identified within the first physical location.
- FIG. 6 illustrates a first physical location and a sub-region located within the first physical location.
- a boundary 602 may be defined to encompass building 604 .
- a sub-boundary 612 may be defined to encompass a room 614 within building 604 .
- building 604 may be a school and room 614 may be the library of the school.
- a location module may identify boundary 602 as the first physical location.
- a policy may be received defining that all cell-phones within boundary 602 be on the lowest ringer setting and that incoming and outgoing calls would not be permitted except for during lunch hours.
- the location module may also identify sub-boundary 612 as geographical coordinates corresponding to a sub-region within the first physical location.
- a policy may be associated with sub-boundary 612 defining that all cell phones may be set to vibrate and no incoming or outgoing calls may be allowed except for emergency phone numbers.
- the policy may also state that laptops are fully functional but restricted from visiting certain websites.
- a physical location may be defined by a boundary of any shape or size.
- a boundary box may be defined using two geographical coordinates (e.g., latitude and longitude coordinates).
- a boundary may also be defined with more than two geographical coordinates and may provide a useful tool to develop boundaries unique to the physical locations they correspond to.
- identifying the first physical location includes receiving at least three coordinates. Boundaries of various different shapes and sizes may be defined by three or more geographical coordinates.
- physical locations and sub-regions may be identified by an internet-based interface.
- the internet-based interface may be provided by the location module.
- the interface may provide tools that allow a location-policy administrator to draw and/or define different shapes and boundaries to define the first physical location and sub-regions.
- software may be provided on a computing system similar to computing device 102 in FIG. 1 that allows a principal of a school to identify the boundaries of a school.
- the internet-based interface may provide tools for the principal to aid in developing unique shapes to fit the shape of the school and/or rooms within the school.
- a first physical location may include more than one sub-region.
- FIG. 7 illustrates exemplary drawings of multiple sub-regions.
- FIG. 7 illustrates a real-world location 700 .
- Real-world location 700 may include a boundary 702 defined to be around a building 704 .
- a sub-boundary 712 may be defined around an area 714
- a sub-boundary 722 may be defined around an area 724 .
- real-world location 700 may be located 1 in a city.
- Building 704 may be a church
- area 714 may be a chapel within the church
- area 724 may be a community center within the church.
- Boundary 702 may be referred to as a physical location.
- Sub-boundary 712 and sub-boundary 722 may be referred to as first and second sub-regions.
- a pastor may want to define policy that will turn off cell-phones for members of the congregation in the chapel and allow limited cell phone use in the community center. The pastor may also want to allow full use of cell-phones in anywhere else in the church (e.g., hallways, bathrooms, foyers).
- Boundary 702 being the whole church, may not be associated with any policy.
- Sub-boundary 712 may be associated with the chapel's “no cell phone usage” policy.
- Sub-boundary may 722 may be associated with the community center's “limited cell phone use” policy.
- implementing the first mobile-computing-device policy includes determining that a mobile-computing device is within the first physical location.
- FIG. 8 is an illustration of exemplary method 800 for implementing, based on the verification, the first mobile-computing-device policy at the first physical location.
- Method 800 shows exemplary communications between an implementation module 810 and a mobile-computing device 820 .
- mobile-computing device 820 may transmit location information to implementation module 810 .
- a cell phone may transmit GPS coordinates or may use any other triangulation or location technology to determine where the cell phone is located.
- implementation module 810 may receive location information.
- implementation module 810 may associate the location information with a mobile-computing-device policy.
- implementation module 836 may transmit the policy to the mobile-computing device.
- the policy may be implemented (e.g., enforced) on the mobile-computing device.
- FIG. 8 may correspond to exemplary embodiments of FIG. 7 .
- a church patron's cell phone may transmit a GPS signal to an implementation module server every five seconds.
- the cell phone may transmit GPS coordinates to the implementation module.
- the implementation module may receive the patron's cell phones coordinates and search for a database for an associated policy. Because there may be no policy associated with building 704 , no policy will be transmitted to the patron's cell phone.
- the cell phone may transmit its GPS again to implementation module 810 .
- the implementation may associate the location information of the patron's cell phone with the policy for sub-boundary 712 (the chapel's policy). At step 836 this policy may then be transmitted to the patron's cell phone, and at step 838 the cell phone may enforce the policy by turning off while in the chapel.
- receiving verification that a source is authorized to provide mobile-computing-device policies may comprise receiving verification that a source has authority to create or change one or more mobile-computing device policies associated with a physical location.
- receiving a first mobile-computing device policy may comprise allowing a location administrator to set or select one or more device-setting policies for a particular mobile-computing device or a set of mobile-computing devices.
- a location administrator may be provided with an account that allows the administrator to input or change policies for a mobile-computing device. The location administrator may input mobile-computing device policies through an Internet-based interface or any other suitable interface.
- identifying a first physical location may comprise receiving, from the administrator, geographical coordinates of the first physical location. As previously discussed, identifying the first physical location may comprise receiving, from the administrator, boundaries of the first physical location. In at least one embodiment, identifying the first physical location may comprise receiving an address of the first physical location. In such embodiments, the address may be converted into geographical coordinates or any other suitable boundary definition for the first physical location.
- the management module may store the mobile-computing device and the identification of the first physical location in a record.
- the record may be stored in a database or any other suitable storage mechanism.
- an implementation module may implement the mobile-computing-device policy on the mobile computing device.
- implementing a mobile-computing-device policy may comprise changing a first setting on the first mobile-computing device while the first mobile-computing device is within the first physical location.
- the setting may be associated with the first mobile-computing device policy.
- the setting may be a volume setting
- the mobile-computing-device policy may be a volume level of “3.”
- Implementing the first mobile-computing-device policy may comprise changing the volume level on the device to “3” if the volume level is not already set to “3.” If the volume level is already set to “3,” the mobile-computing device may verify that the volume level matches the mobile-computing-device policy. In other embodiments, the mobile-computing device may do nothing if the volume level already matches the mobile-computing-device policy.
- FIG. 9 is a block diagram of an exemplary computing system 910 capable of implementing one or more of the embodiments described and/or illustrated herein.
- Computing system 910 broadly represents any single or multi-processor computing device or system capable of executing computer-readable instructions. Examples of computing system 910 include, without limitation, workstations, laptops, client-side terminals, servers, distributed computing systems, handheld devices, or any other computing system or device. In its most basic configuration, computing system 910 may comprise at least one processor 914 and a system memory 916 .
- Processor 914 generally represents any type or form of processing unit capable of processing data or interpreting and executing instructions.
- processor 914 may receive instructions from a software application or module. These instructions may cause processor 914 to perform the functions of one or more of the exemplary embodiments described and/or illustrated herein.
- processor 914 may perform and/or be a means for performing, either alone or in combination with other elements, one or more of the receiving, comparing, identifying, transmitting, receiving, broadcasting, and determining steps described herein.
- Processor 914 may also perform and/or be a means for performing any other steps, methods, or processes described and/or illustrated herein.
- System memory 916 generally represents any type or form of volatile or non-volatile storage device or medium capable of storing data and/or other computer-readable instructions. Examples of system memory 916 include, without limitation, random access memory (RAM), read only memory (ROM), flash memory, or any other suitable memory device. Although not required, in certain embodiments computing system 910 may comprise both a volatile memory unit (such as system memory 916 ) and a non-volatile storage device (such as primary storage device 932 , as described in detail below).
- RAM random access memory
- ROM read only memory
- flash memory or any other suitable memory device.
- computing system 910 may comprise both a volatile memory unit (such as system memory 916 ) and a non-volatile storage device (such as primary storage device 932 , as described in detail below).
- exemplary computing system 910 may also comprise one or more components or elements in addition to processor 914 and system memory 916 .
- computing system 910 may comprise a memory controller 918 , an Input/Output (I/O) controller 920 , and a communication interface 922 , each of which may be interconnected via a communication infrastructure 912 .
- Communication infrastructure 912 generally represents any type or form of infrastructure capable of facilitating communication between one or more components of a computing device. Examples of communication infrastructure 912 include, without limitation, a communication bus (such as an ISA, PCI, PCIe, or similar bus) and a network.
- Memory controller 918 generally represents any type or form of device capable of handling memory or data or controlling communication between one or more components of computing system 910 .
- memory controller 918 may control communication between processor 914 , system memory 916 , and I/O controller 920 via communication infrastructure 912 .
- memory controller may perform and/or be a means for performing, either alone or in combination with other elements, one or more of the steps or features described and/or illustrated herein, such as receiving, comparing, identifying, transmitting, receiving, broadcasting, and determining.
- I/O controller 920 generally represents any type or form of module capable of coordinating and/or controlling the input and output functions of a computing device.
- I/O controller may control or facilitate transfer of data between one or more elements of computing system 910 , such as processor 914 , system memory 916 , communication interface 922 , display adapter 926 , input interface 930 , and storage interface 934 .
- I/O controller 920 may be used, for example, to perform and/or be a means for performing, either alone or in combination with other elements, one or more of the receiving, comparing, identifying, transmitting, receiving, broadcasting, and determining steps described herein.
- I/O controller 920 may also be used to perform and/or be a means for performing other steps and features set forth in the instant disclosure.
- Communication interface 922 broadly represents any type or form of communication device or adapter capable of facilitating communication between exemplary computing system 910 and one or more additional devices.
- communication interface 922 may facilitate communication between computing system 910 and a private or public network comprising additional computing systems.
- Examples of communication interface 922 include, without limitation, a wired network interface (such as a network interface card), a wireless network interface (such as a wireless network interface card), a modem, and any other suitable interface.
- communication interface 922 may provide a direct connection to a remote server via a direct link to a network, such as the Internet.
- Communication interface 922 may also indirectly provide such a connection through, for example, a local area network (such as an Ethernet network), a personal area network (such as a BLUETOOTH network), a telephone or cable network, a cellular telephone connection, a satellite data connection, or any other suitable connection.
- a local area network such as an Ethernet network
- a personal area network such as a BLUETOOTH network
- a telephone or cable network such as a cellular telephone connection, a satellite data connection, or any other suitable connection.
- communication interface 922 may also represent a host adapter configured to facilitate communication between computing system 910 and one or more additional network or storage devices via an external bus or communications channel.
- host adapters include, without limitation, SCSI host adapters, USB host adapters, IEEE 1394 host adapters, SATA and eSATA host adapters, ATA and PATA host adapters, Fibre Channel interface adapters, Ethernet adapters, or the like.
- Communication interface 922 may also allow computing system 910 to engage in distributed or remote computing. For example, communication interface 922 may receive instructions from a remote device or send instructions to a remote device for execution.
- communication interface 922 may perform and/or be a means for performing, either alone or in combination with other elements, one or more of the receiving, comparing, identifying, transmitting, receiving, broadcasting, and determining steps disclosed herein. Communication interface 922 may also be used to perform and/or be a means for performing other steps and features set forth in the instant disclosure.
- computing system 910 may also comprise at least one display device 924 coupled to communication infrastructure 912 via a display adapter 926 .
- Display device 924 generally represents any type or form of device capable of visually displaying information forwarded by display adapter 926 .
- display adapter 926 generally represents any type or form of device configured to forward graphics, text, and other data from communication infrastructure 912 (or from a frame buffer, as known in the art) for display on display device 924 .
- exemplary computing system 910 may also comprise at least one input device 928 coupled to communication infrastructure 912 via an input interface 930 .
- Input device 928 generally represents any type or form of input device capable of providing input, either computer or human generated, to exemplary computing system 910 .
- Examples of input device 928 include, without limitation, a keyboard, a pointing device, a speech recognition device, or any other input device.
- input device 928 may perform and/or be a means for performing, either alone or in combination with other elements, one or more of the receiving, comparing, identifying, transmitting, receiving, broadcasting, and determining steps disclosed herein.
- Input device 928 may also be used to perform and/or be a means for performing other steps and features set forth in the instant disclosure.
- exemplary computing system 910 may also comprise a primary storage device 932 and a backup storage device 933 coupled to communication infrastructure 912 via a storage interface 934 .
- Storage devices 932 and 933 generally represent any type or form of storage device or medium capable of storing data and/or other computer-readable instructions.
- storage devices 932 and 933 may be a magnetic disk drive (e.g., a so-called hard drive), a floppy disk drive, a magnetic tape drive, an optical disk drive, a flash drive, or the like.
- Storage interface 934 generally represents any type or form of interface or device for transferring data between storage devices 932 and 933 and other components of computing system 910 .
- storage devices 932 and 933 may be configured to read from and/or write to a removable storage unit configured to store computer software, data, or other computer-readable information.
- suitable removable storage units include, without limitation, a floppy disk, a magnetic tape, an optical disk, a flash memory device, or the like.
- Storage devices 932 and 933 may also comprise other similar structures or devices for allowing computer software, data, or other computer-readable instructions to be loaded into computing system 910 .
- storage devices 932 and 933 may be configured to read and write software, data, or other computer-readable information.
- Storage devices 932 and 933 may also be a part of computing system 910 or may be a separate device accessed through other interface systems.
- the exemplary file systems disclosed herein may be stored on primary storage device 932
- the exemplary file-system backups disclosed herein may be stored on backup storage device 933 .
- Storage devices 932 and 933 may also be used, for example, to perform and/or be a means for performing, either alone or in combination with other elements, one or more of the receiving, comparing, identifying, transmitting, receiving, broadcasting, and determining steps disclosed herein.
- Storage devices 932 and 933 may also be used to perform and/or be a means for performing other steps and features set forth in the instant disclosure.
- computing system 910 may be connected to many other devices or subsystems. Conversely, all of the components and devices illustrated in FIG. 9 need not be present to practice the embodiments descried and/or illustrated herein. The devices and subsystems referenced above may also be interconnected in different ways from that shown in FIG. 9 .
- Computing system 910 may also employ any number of software, firmware, and/or hardware configurations. For example, one or more of the exemplary embodiments disclosed herein may be encoded as a computer program (also referred to as computer software, software applications, computer-readable instructions, or computer control logic) on a computer-readable medium.
- the phrase “computer-readable medium” generally refers to any form of device, carrier, or medium capable of storing or carrying computer-readable instructions.
- Examples of computer-readable media include, without limitation, transmission-type media, such as carrier waves, and physical media, such as magnetic-storage media (e.g., hard disk drives and floppy disks), optical-storage media (e.g., CD- or DVD-ROMs), electronic-storage media (e.g., solid-state drives and flash media), and other distribution systems.
- transmission-type media such as carrier waves
- physical media such as magnetic-storage media (e.g., hard disk drives and floppy disks), optical-storage media (e.g., CD- or DVD-ROMs), electronic-storage media (e.g., solid-state drives and flash media), and other distribution systems.
- the computer-readable medium containing the computer program may be loaded into computing system 910 . All or a portion of the computer program stored on the computer-readable medium may then be stored in system memory 916 and/or various portions of storage devices 932 and 933 .
- a computer program loaded into computing system 910 may cause processor 914 to perform and/or be a means for performing the functions of one or more of the exemplary embodiments described and/or illustrated herein.
- one or more of the exemplary embodiments described and/or illustrated herein may be implemented in firmware and/or hardware.
- computing system 910 may be configured as an application specific integrated circuit (ASIC) adapted to implement one or more of the exemplary embodiments disclosed herein.
- ASIC application specific integrated circuit
- FIG. 10 is a block diagram of an exemplary network architecture 1000 in which client systems 1010 , 1020 , and 1030 and servers 1040 and 1045 may be coupled to a network 1050 .
- Client systems 1010 , 1020 , and 1030 generally represent any type or form of computing device or system, such as exemplary computing system 910 in FIG. 9 .
- servers 1040 and 1045 generally represent computing devices or systems, such as application servers or database servers, configured to provide various database services and/or to run certain software applications.
- Network 1050 generally represents any telecommunication or computer network; including, for example, an intranet, a wide area network (WAN), a local area network (LAN), a personal area network (PAN), or the Internet.
- WAN wide area network
- LAN local area network
- PAN personal area network
- one or more storage devices 1060 ( 1 )-(N) may be directly attached to server 1040 .
- one or more storage devices 1090 ( 1 )-(N) may be directly attached to server 1045 .
- Storage devices 1060 ( 1 )-(N) and storage devices 1090 ( 1 )-(N) generally represent any type or form of storage device or medium capable of storing data and/or other computer-readable instructions.
- storage devices 1060 ( 1 )-(N) and storage devices 1090 ( 1 )-(N) may represent network-attached storage (NAS) devices configured to communicate with servers 1040 and 1045 using various protocols, such as NFS, SMB, or CIFS.
- NAS network-attached storage
- Servers 1040 and 1045 may also be connected to a storage area network (SAN) fabric 1080 .
- SAN fabric 1080 generally represents any type or form of computer network or architecture capable of facilitating communication between a plurality of storage devices.
- SAN fabric 1080 may facilitate communication between servers 1040 and 1045 and a plurality of storage devices 1090 ( 1 )-(N) and/or an intelligent storage array 1095 .
- SAN fabric 1080 may also facilitate, via network 1050 and servers 1040 and 1045 , communication between client systems 1010 , 1020 , and 1030 and storage devices 1090 ( 1 )-(N) and/or intelligent storage array 1095 in such a manner that storage devices 1090 ( 1 )-(N) and intelligent storage array 1095 appear as locally attached devices to client systems 1010 , 1020 , and 1030 .
- storage devices 1060 ( 1 )-(N) and storage devices 1070 ( 1 )-(N) storage devices 1090 ( 1 )-(N) and intelligent storage array 1095 generally represent any type or form of storage device or medium capable of storing data and/or other computer-readable instructions.
- a communication interface such as communication interface 922 in FIG. 9
- Client systems 1010 , 1020 , and 1030 may be able to access information on servers 1040 or 1045 using, for example, a web browser or other client software.
- client software may allow client systems 1010 , 1020 , and 1030 to access data hosted by server 1040 , server 1045 , storage devices 1060 ( 1 )-(N), storage devices 1070 ( 1 )-(N), storage devices 1090 ( 1 )-(N), or intelligent storage array 1095 .
- FIG. 10 depicts the use of a network (such as the Internet) for exchanging data, the embodiments described and/or illustrated herein are not limited to the Internet or any particular network-based environment.
- all or a portion of one or more of the exemplary embodiments disclosed herein may be encoded as a computer program and loaded onto and executed by server 1040 , server 1045 , storage devices 1060 ( 1 )-(N), storage devices 1070 ( 1 )-(N), storage devices 1090 ( 1 )-(N), intelligent storage array 1095 , or any combination thereof. All or a portion of one or more of the exemplary embodiments disclosed herein may also be encoded as a computer program, stored in server 1040 , run by server 1045 , and distributed to client systems 1010 , 1020 , and 1030 over network 1050 .
- network architecture 1000 may perform and/or be a means for performing, either alone or in combination with other elements, one or more of the receiving, comparing, identifying, transmitting, receiving, broadcasting, and determining steps disclosed herein.
- Network architecture 1000 may also be used to perform and/or be a means for performing other steps and features set forth in the instant disclosure.
- computing system 1010 and/or one or more of the components of network architecture 1000 may perform and/or be a means for performing, either alone or in combination with other elements, one or more steps of the exemplary methods described and/or illustrated herein.
- this exemplary computer-implemented method may comprise identifying login information for a first user account associated with the first online community, accessing the first user account using the login information from the first user account, obtaining information from the first user account, and modifying, based on the information obtained from the first user account, a second user account associated with the second online community.
- identifying the login information for the first user account may comprise receiving the login information for the first user account from a user or retrieving the login information from the first user account from a login-information database.
- the method may further comprise, prior to modifying the second user account associated with the second online community, identifying login information for the second user account and accessing the second user account using the login information for the second user account.
- the method may also further comprise obtaining information from the second user account and modifying, based on the information obtained from the second user account, the first user account.
- accessing the first user account may comprise logging in to the first user account using the login information for the first user account. Accessing the first user account may also comprise accessing the first user account using a community-specific access module. In addition, obtaining information from the first user account may comprise receiving computer-readable data associated with the first user account or extracting human-readable data associated with the first user account.
- the information obtained from the first user account may comprise user-account data.
- the information obtained from the first user account may also comprise at least one contact record, which may comprise contact identification information, an email address, a phone number, a fax number, a mailing address, a website address, or an instant-messaging address.
- modifying the second user account may comprise editing, based on the information obtained from the first user account, at least one preexisting contact record, creating, based on the information obtained from the first user account, at least one new contact record, or deleting at least one contact record.
- modifying the second user account may comprise creating the second user account and the second online community, creating, based on the information obtained from the first user account, at least one new contact record for the second user account, and transmitting an invitation to join the second online community to a contact identified in the at least one new contact record.
- the method may also comprise providing a graphical user interface that allows a user to modify login information, community access settings, community synchronization settings, or the like.
- the method may also comprise modifying, based on the information obtained from the first user account, a third user account associated with a third online community.
- the method may further comprise, prior to accessing the first user account, receiving a request from a user to synchronize the first user account with the second user account.
- Computing system 1010 and/or one or more of the components of network architecture 1000 may also represent all or portions of exemplary system 100 in FIG. 1 .
- computing system 1010 and/or one or more of the components of network architecture 1000 may represent portions of a system for automatically synchronizing online communities, which system may comprise a login module for managing login information for at least a first user account associated with the first online community, a community-access module for accessing the first user account using the login information for the first user account, and obtaining information from the first user account, and a community synchronization module for modifying, based on the information obtained from the first user account, a second user account associated with the second online community.
- the community-access module may further comprise at least one community-specific access module.
- the system may further comprise a graphical-user-interface module for providing a graphical user interface that allows a user to modify login information, community access settings, or synchronization settings.
- the system may also comprise a login-information database for storing login information for user accounts associated with online communities, and obtain-information data base for storing information obtained from online communities, and a community-specific-access-module database for storing community-specific access modules.
- a login-information database for storing login information for user accounts associated with online communities
- obtain-information data base for storing information obtained from online communities
- a community-specific-access-module database for storing community-specific access modules.
- all or portions of exemplary system 100 in FIG. 1 may represent a software application or program that, when executed by a computing device, may cause the computing device to perform one or more tasks required to automatically synchronize online communities.
- all or portions of exemplary system 100 in FIG. 1 may represent computer-readable media comprising one or more computer-executable instructions that, when executed by a computing device, may cause a computing device to identify login information for a first user account associated with the first online community, access the first user account using the login information for the first user account, obtain information from the first user account, and modify, based on the information obtained from the first user account, a second user account associated with the second online community.
- these software modules may configure a computing system to perform one or more of the exemplary embodiments disclosed herein.
Abstract
Description
Claims (17)
Priority Applications (5)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US11/967,975 US8112785B1 (en) | 2007-12-31 | 2007-12-31 | Systems and methods for administering policies for physical locations |
EP08869490A EP2232893A2 (en) | 2007-12-31 | 2008-12-29 | Methods and systems for policy and setting administration |
JP2010540921A JP2011522445A (en) | 2007-12-31 | 2008-12-29 | Method and system for managing policies and settings |
CN2008801228747A CN101953180A (en) | 2007-12-31 | 2008-12-29 | Methods and systems for policy and setting administration |
PCT/US2008/088410 WO2009088823A2 (en) | 2007-12-31 | 2008-12-29 | Methods and systems for policy and setting administration |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US11/967,975 US8112785B1 (en) | 2007-12-31 | 2007-12-31 | Systems and methods for administering policies for physical locations |
Publications (1)
Publication Number | Publication Date |
---|---|
US8112785B1 true US8112785B1 (en) | 2012-02-07 |
Family
ID=45532333
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
US11/967,975 Active 2030-09-25 US8112785B1 (en) | 2007-12-31 | 2007-12-31 | Systems and methods for administering policies for physical locations |
Country Status (1)
Country | Link |
---|---|
US (1) | US8112785B1 (en) |
Cited By (11)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20100175116A1 (en) * | 2009-01-06 | 2010-07-08 | Qualcomm Incorporated | Location-based system permissions and adjustments at an electronic device |
US20130018704A1 (en) * | 2011-07-13 | 2013-01-17 | Ying Liu | Systems and methods for determining school geographic boundaries and related searches |
US20130244639A1 (en) * | 2009-06-26 | 2013-09-19 | Sumiko Mochizuki | Wireless base station, wireless communication system, wireless communication method, and computer-readable medium storing device |
US8781500B1 (en) * | 2012-09-12 | 2014-07-15 | Google Inc. | Proprietor-controlled location-based setting of notification policies |
WO2014111934A1 (en) * | 2013-01-15 | 2014-07-24 | Netline Communications Technologies (N.C.T.) Ltd. | Method and apparatus for location-based security and policy enforcement for mobile devices |
US9219992B2 (en) | 2012-09-12 | 2015-12-22 | Google Inc. | Mobile device profiling based on speed |
US9781130B1 (en) * | 2012-06-28 | 2017-10-03 | EMC IP Holding Company LLC | Managing policies |
US20190253557A1 (en) * | 2013-11-26 | 2019-08-15 | Nokia Solutions And Networks Oy | Venue owner-controllable per-venue service configuration |
US10785263B2 (en) * | 2016-11-23 | 2020-09-22 | Intertrust Technologies Corporation | Mobile device service systems and methods using device orientation information |
EP3863318A1 (en) * | 2020-02-05 | 2021-08-11 | Lookout Inc. | Use of geolocation to improve security while protecting privacy |
US11276093B2 (en) * | 2009-05-29 | 2022-03-15 | Paypal, Inc. | Trusted remote attestation agent (TRAA) |
Citations (34)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US6011973A (en) | 1996-12-05 | 2000-01-04 | Ericsson Inc. | Method and apparatus for restricting operation of cellular telephones to well delineated geographical areas |
US6122486A (en) | 1997-05-21 | 2000-09-19 | Nec Corporation | Transmission restricting device radio communication terminal equipment and transmission restricting system using these |
US20020075825A1 (en) * | 2000-12-14 | 2002-06-20 | Hills Alexander H. | Method for estimating signal strengths |
US20020090953A1 (en) | 2001-01-10 | 2002-07-11 | Maki Aburai | Communication method and communication system for controlling with limited area information |
US6496703B1 (en) | 1999-12-13 | 2002-12-17 | Lucent Technologies Inc. | System for disabling wireless communication devices |
US20030023880A1 (en) * | 2001-07-27 | 2003-01-30 | Edwards Nigel John | Multi-domain authorization and authentication |
US6577274B1 (en) * | 2001-12-19 | 2003-06-10 | Intel Corporation | Method and apparatus for controlling access to mobile devices |
WO2003079216A1 (en) | 2002-03-11 | 2003-09-25 | Verdisoft Corporation | System and method for adapting preferences based on device location or network topology |
US6701144B2 (en) | 2001-03-05 | 2004-03-02 | Qualcomm Incorporated | System for automatically configuring features on a mobile telephone based on geographic location |
US6721542B1 (en) | 1999-05-28 | 2004-04-13 | Nokia Corporation | System for location specific, automatic mobile station behavior control |
US6782266B2 (en) | 2001-08-31 | 2004-08-24 | Motorola, Inc. | Method of wireless communication in restricted wireless zones |
US6823199B2 (en) | 2001-06-29 | 2004-11-23 | Intel Corporation | System and method for controlling a wireless device notification alert |
US6832093B1 (en) | 1998-10-30 | 2004-12-14 | Nokia Mobile Phones Ltd. | Method and system for restricting the operation of a radio device within a certain area |
US6898445B2 (en) | 2000-09-07 | 2005-05-24 | Telefonaktiebolaget Lm Ericsson (Publ) | Politeness zones for wireless communication devices |
US20050170850A1 (en) | 2004-02-04 | 2005-08-04 | Eric Edwards | Methods and apparatuses for selectively disabling functionality of a device |
US6937868B2 (en) | 2002-01-16 | 2005-08-30 | International Business Machines Corporation | Apparatus and method for managing a mobile phone answering mode and outgoing message based on a location of the mobile phone |
US6961561B2 (en) | 2002-01-16 | 2005-11-01 | International Business Machines Corporation | Enhancing/limiting use of mobile electronic devices |
US6973333B1 (en) | 2001-04-10 | 2005-12-06 | At&T Corp. | Modification of portable communications device operation in vehicles |
WO2005117295A1 (en) | 2004-04-14 | 2005-12-08 | Lg Electronics Inc. | Location information system reflecting user preferences and service providing method |
US20050282559A1 (en) | 2003-02-25 | 2005-12-22 | Boston Communications Group, Inc. | Method and system for providing supervisory control over wireless phone data usage |
US20060014547A1 (en) | 2004-07-13 | 2006-01-19 | Sbc Knowledge Ventures, L.P. | System and method for location based policy management |
US6993329B2 (en) | 2000-05-31 | 2006-01-31 | Hyundai Curitel, Inc. | Apparatus and method for automatically switching communication/communication suppression mode of wireless communication terminal |
US20060099965A1 (en) * | 2004-11-10 | 2006-05-11 | Aaron Jeffrey A | Methods, systems and computer program products for remotely controlling wireless terminals |
US7069027B2 (en) | 2001-10-23 | 2006-06-27 | Motorola, Inc. | Silent zone muting system |
US7076255B2 (en) | 2000-04-05 | 2006-07-11 | Microsoft Corporation | Context-aware and location-aware cellular phones and methods |
US7107038B2 (en) | 1999-02-26 | 2006-09-12 | Openwave Systems Inc. | Method for determining if the location of a wireless communication device is within a specified area |
US7194273B2 (en) | 2004-02-12 | 2007-03-20 | Lucent Technologies Inc. | Location based service restrictions for mobile applications |
US7231219B2 (en) | 2002-12-17 | 2007-06-12 | International Business Machines Corporation | Method, apparatus, and program for automated property adjustment in a cellular network |
US7263367B1 (en) | 1999-04-28 | 2007-08-28 | Sabot Associates, Inc. | Systems and methods for setting a mode of operation of electronic devices |
US7272403B2 (en) | 2005-12-02 | 2007-09-18 | International Business Machines Corporation | Selective enablement and disablement of a mobile communications device based upon location |
US7356406B2 (en) | 2002-02-11 | 2008-04-08 | Landnet Corporation | Land software tool |
US7451195B1 (en) * | 1998-11-16 | 2008-11-11 | Lucent Technologies Inc. | Method and system for operating a PDA for use with an IP phone device |
US7469139B2 (en) * | 2004-05-24 | 2008-12-23 | Computer Associates Think, Inc. | Wireless manager and method for configuring and securing wireless access to a network |
WO2009088823A2 (en) | 2007-12-31 | 2009-07-16 | Symantec Corporation | Methods and systems for policy and setting administration |
-
2007
- 2007-12-31 US US11/967,975 patent/US8112785B1/en active Active
Patent Citations (34)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US6011973A (en) | 1996-12-05 | 2000-01-04 | Ericsson Inc. | Method and apparatus for restricting operation of cellular telephones to well delineated geographical areas |
US6122486A (en) | 1997-05-21 | 2000-09-19 | Nec Corporation | Transmission restricting device radio communication terminal equipment and transmission restricting system using these |
US6832093B1 (en) | 1998-10-30 | 2004-12-14 | Nokia Mobile Phones Ltd. | Method and system for restricting the operation of a radio device within a certain area |
US7451195B1 (en) * | 1998-11-16 | 2008-11-11 | Lucent Technologies Inc. | Method and system for operating a PDA for use with an IP phone device |
US7107038B2 (en) | 1999-02-26 | 2006-09-12 | Openwave Systems Inc. | Method for determining if the location of a wireless communication device is within a specified area |
US7263367B1 (en) | 1999-04-28 | 2007-08-28 | Sabot Associates, Inc. | Systems and methods for setting a mode of operation of electronic devices |
US6721542B1 (en) | 1999-05-28 | 2004-04-13 | Nokia Corporation | System for location specific, automatic mobile station behavior control |
US6496703B1 (en) | 1999-12-13 | 2002-12-17 | Lucent Technologies Inc. | System for disabling wireless communication devices |
US7076255B2 (en) | 2000-04-05 | 2006-07-11 | Microsoft Corporation | Context-aware and location-aware cellular phones and methods |
US6993329B2 (en) | 2000-05-31 | 2006-01-31 | Hyundai Curitel, Inc. | Apparatus and method for automatically switching communication/communication suppression mode of wireless communication terminal |
US6898445B2 (en) | 2000-09-07 | 2005-05-24 | Telefonaktiebolaget Lm Ericsson (Publ) | Politeness zones for wireless communication devices |
US20020075825A1 (en) * | 2000-12-14 | 2002-06-20 | Hills Alexander H. | Method for estimating signal strengths |
US20020090953A1 (en) | 2001-01-10 | 2002-07-11 | Maki Aburai | Communication method and communication system for controlling with limited area information |
US6701144B2 (en) | 2001-03-05 | 2004-03-02 | Qualcomm Incorporated | System for automatically configuring features on a mobile telephone based on geographic location |
US6973333B1 (en) | 2001-04-10 | 2005-12-06 | At&T Corp. | Modification of portable communications device operation in vehicles |
US6823199B2 (en) | 2001-06-29 | 2004-11-23 | Intel Corporation | System and method for controlling a wireless device notification alert |
US20030023880A1 (en) * | 2001-07-27 | 2003-01-30 | Edwards Nigel John | Multi-domain authorization and authentication |
US6782266B2 (en) | 2001-08-31 | 2004-08-24 | Motorola, Inc. | Method of wireless communication in restricted wireless zones |
US7069027B2 (en) | 2001-10-23 | 2006-06-27 | Motorola, Inc. | Silent zone muting system |
US6577274B1 (en) * | 2001-12-19 | 2003-06-10 | Intel Corporation | Method and apparatus for controlling access to mobile devices |
US6937868B2 (en) | 2002-01-16 | 2005-08-30 | International Business Machines Corporation | Apparatus and method for managing a mobile phone answering mode and outgoing message based on a location of the mobile phone |
US6961561B2 (en) | 2002-01-16 | 2005-11-01 | International Business Machines Corporation | Enhancing/limiting use of mobile electronic devices |
US7356406B2 (en) | 2002-02-11 | 2008-04-08 | Landnet Corporation | Land software tool |
WO2003079216A1 (en) | 2002-03-11 | 2003-09-25 | Verdisoft Corporation | System and method for adapting preferences based on device location or network topology |
US7231219B2 (en) | 2002-12-17 | 2007-06-12 | International Business Machines Corporation | Method, apparatus, and program for automated property adjustment in a cellular network |
US20050282559A1 (en) | 2003-02-25 | 2005-12-22 | Boston Communications Group, Inc. | Method and system for providing supervisory control over wireless phone data usage |
US20050170850A1 (en) | 2004-02-04 | 2005-08-04 | Eric Edwards | Methods and apparatuses for selectively disabling functionality of a device |
US7194273B2 (en) | 2004-02-12 | 2007-03-20 | Lucent Technologies Inc. | Location based service restrictions for mobile applications |
WO2005117295A1 (en) | 2004-04-14 | 2005-12-08 | Lg Electronics Inc. | Location information system reflecting user preferences and service providing method |
US7469139B2 (en) * | 2004-05-24 | 2008-12-23 | Computer Associates Think, Inc. | Wireless manager and method for configuring and securing wireless access to a network |
US20060014547A1 (en) | 2004-07-13 | 2006-01-19 | Sbc Knowledge Ventures, L.P. | System and method for location based policy management |
US20060099965A1 (en) * | 2004-11-10 | 2006-05-11 | Aaron Jeffrey A | Methods, systems and computer program products for remotely controlling wireless terminals |
US7272403B2 (en) | 2005-12-02 | 2007-09-18 | International Business Machines Corporation | Selective enablement and disablement of a mobile communications device based upon location |
WO2009088823A2 (en) | 2007-12-31 | 2009-07-16 | Symantec Corporation | Methods and systems for policy and setting administration |
Non-Patent Citations (8)
Title |
---|
Connelly et al.; On Negotiating Automatic Device Configuration in Smart Environments; 2004; PERCOMW, pp. 213. |
Cooley, Shaun; U.S. Appl. No. 11/967,915, filed Dec. 31, 2007. |
Final Office Action received in related U.S. Appl. No. 11/967,915; Dec. 27, 2010. |
Final Office Action received in related U.S. Appl. No. 11/967,915; Feb. 5, 2010. |
Non-Final Office Action received in related U.S. Appl. No. 11/967,915; Jun. 25, 2010. |
Non-Final Office Action received in related U.S. Appl. No. 11/967,915; Sep. 17, 2009. |
Non-Final Office Action Received in U.S. Appl. No. 11/967,915; Jul. 12, 2011. |
Search Report and Written Opinion received in related International Application No. PCT/US2008/088410. |
Cited By (22)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US9928500B2 (en) | 2009-01-06 | 2018-03-27 | Qualcomm Incorporated | Location-based system permissions and adjustments at an electronic device |
US8961619B2 (en) * | 2009-01-06 | 2015-02-24 | Qualcomm Incorporated | Location-based system permissions and adjustments at an electronic device |
US20100175116A1 (en) * | 2009-01-06 | 2010-07-08 | Qualcomm Incorporated | Location-based system permissions and adjustments at an electronic device |
US11276093B2 (en) * | 2009-05-29 | 2022-03-15 | Paypal, Inc. | Trusted remote attestation agent (TRAA) |
US20220114634A1 (en) * | 2009-05-29 | 2022-04-14 | Paypal, Inc. | Trusted remote attestation agent (traa) |
US11720943B2 (en) * | 2009-05-29 | 2023-08-08 | Paypal, Inc. | Trusted remote attestation agent (TRAA) |
US20130244639A1 (en) * | 2009-06-26 | 2013-09-19 | Sumiko Mochizuki | Wireless base station, wireless communication system, wireless communication method, and computer-readable medium storing device |
US20130018704A1 (en) * | 2011-07-13 | 2013-01-17 | Ying Liu | Systems and methods for determining school geographic boundaries and related searches |
US9781130B1 (en) * | 2012-06-28 | 2017-10-03 | EMC IP Holding Company LLC | Managing policies |
US8781500B1 (en) * | 2012-09-12 | 2014-07-15 | Google Inc. | Proprietor-controlled location-based setting of notification policies |
US9219992B2 (en) | 2012-09-12 | 2015-12-22 | Google Inc. | Mobile device profiling based on speed |
US20150312845A1 (en) * | 2013-01-15 | 2015-10-29 | Netline Communications Technologies (N.C.T.) Ltd | Method and apparatus for location-based security and policy enforcement for mobile devices |
WO2014111934A1 (en) * | 2013-01-15 | 2014-07-24 | Netline Communications Technologies (N.C.T.) Ltd. | Method and apparatus for location-based security and policy enforcement for mobile devices |
US20190253557A1 (en) * | 2013-11-26 | 2019-08-15 | Nokia Solutions And Networks Oy | Venue owner-controllable per-venue service configuration |
US11483352B2 (en) * | 2016-11-23 | 2022-10-25 | Intertrust Technologies Corporation | Mobile device service systems and methods using device orientation information |
US20230095130A1 (en) * | 2016-11-23 | 2023-03-30 | Intertrust Technologies Corporation | Mobile device service systems and methods using device orientation information |
US10785263B2 (en) * | 2016-11-23 | 2020-09-22 | Intertrust Technologies Corporation | Mobile device service systems and methods using device orientation information |
US11882156B2 (en) * | 2016-11-23 | 2024-01-23 | Intertrust Technologies Corporation | Mobile device service systems and methods using device orientation information |
EP3863318A1 (en) * | 2020-02-05 | 2021-08-11 | Lookout Inc. | Use of geolocation to improve security while protecting privacy |
US11523282B2 (en) | 2020-02-05 | 2022-12-06 | Lookout Inc. | Use of geolocation to improve security while protecting privacy |
US20230056369A1 (en) * | 2020-02-05 | 2023-02-23 | Lookout Inc. | Use Of Geolocation To Improve Security While Protecting Privacy |
US11849304B2 (en) * | 2020-02-05 | 2023-12-19 | Lookout Inc. | Use of geolocation to improve security while protecting privacy |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US8112785B1 (en) | Systems and methods for administering policies for physical locations | |
US8266306B2 (en) | Systems and methods for delegating access to online accounts | |
JP6672263B2 (en) | Using mobile devices to perform actions with limited concentration on other mobile devices | |
CN109565640B (en) | Secure private location-based services | |
US8656454B2 (en) | Data store including a file location attribute | |
US9213805B2 (en) | Approach for managing access to data on client devices | |
US8111154B1 (en) | Systems and methods for monitoring a mobile-computing device using geo-location information | |
US9111181B2 (en) | Detecting and flagging likely confidential content in photographs to prevent automated dissemination | |
US9621504B2 (en) | Method and system for secure social networking on feature phones | |
US11425571B2 (en) | Device configuration method, apparatus and system | |
US9883394B2 (en) | Virtual mobile phone interface system and method thereof | |
US10540510B2 (en) | Approach for managing access to data on client devices | |
US9226155B2 (en) | Data communications management | |
US8732792B2 (en) | Approach for managing access to data on client devices | |
EP2433216B1 (en) | Data backup system | |
US20180367995A1 (en) | Communication and Action Approval System and Method | |
CN108337677A (en) | Network authentication method and device | |
EP2232893A2 (en) | Methods and systems for policy and setting administration | |
US10299304B1 (en) | Securely communicating a status of a wireless technology device to a non-paired device | |
WO2015027907A1 (en) | Methods and systems for visiting user groups | |
WO2022078073A1 (en) | Ultrasound split key transmission for enhanced security | |
US20230403630A1 (en) | Role-based access control system | |
US10779112B2 (en) | Location-based organizational groupings for management services | |
WO2015062266A1 (en) | System and method of authenticating user account login request messages | |
US10581781B1 (en) | Systems and methods for facilitating negotiation and exchange of information between parties |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
AS | Assignment |
Owner name: SYMANTEC CORPORATION, CALIFORNIA Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNORS:COOLEY, SHAUN;POWELL, BRIAN;SIGNING DATES FROM 20071227 TO 20071228;REEL/FRAME:020305/0057 |
|
STCF | Information on status: patent grant |
Free format text: PATENTED CASE |
|
FPAY | Fee payment |
Year of fee payment: 4 |
|
MAFP | Maintenance fee payment |
Free format text: PAYMENT OF MAINTENANCE FEE, 8TH YEAR, LARGE ENTITY (ORIGINAL EVENT CODE: M1552); ENTITY STATUS OF PATENT OWNER: LARGE ENTITY Year of fee payment: 8 |
|
AS | Assignment |
Owner name: JPMORGAN, N.A., NEW YORK Free format text: SECURITY AGREEMENT;ASSIGNORS:SYMANTEC CORPORATION;BLUE COAT LLC;LIFELOCK, INC,;AND OTHERS;REEL/FRAME:050926/0560 Effective date: 20191104 |
|
AS | Assignment |
Owner name: NORTONLIFELOCK INC., ARIZONA Free format text: CHANGE OF NAME;ASSIGNOR:SYMANTEC CORPORATION;REEL/FRAME:051935/0228 Effective date: 20191104 |
|
AS | Assignment |
Owner name: BANK OF AMERICA, N.A., AS COLLATERAL AGENT, NORTH CAROLINA Free format text: SECURITY AGREEMENT;ASSIGNOR:NORTONLIFELOCK INC.;REEL/FRAME:062220/0001 Effective date: 20220912 Owner name: BANK OF AMERICA, N.A., AS COLLATERAL AGENT, NORTH CAROLINA Free format text: NOTICE OF SUCCESSION OF AGENCY (REEL 050926 / FRAME 0560);ASSIGNOR:JPMORGAN CHASE BANK, N.A.;REEL/FRAME:061422/0371 Effective date: 20220912 |
|
AS | Assignment |
Owner name: GEN DIGITAL INC., ARIZONA Free format text: CHANGE OF NAME;ASSIGNOR:NORTONLIFELOCK INC.;REEL/FRAME:062714/0605 Effective date: 20221107 |
|
MAFP | Maintenance fee payment |
Free format text: PAYMENT OF MAINTENANCE FEE, 12TH YEAR, LARGE ENTITY (ORIGINAL EVENT CODE: M1553); ENTITY STATUS OF PATENT OWNER: LARGE ENTITY Year of fee payment: 12 |